Pages with IPv4 Only (DNS?)
I'm trying to run a page that retrieves the user's IPv4 address. It specifically needs to be v4. I'm using CF headers to get both v4 and v6 addresses, but some users don't connect via v4 at all, so I can't get their v4 address.
I can't think of a good way to block off v6 traffic for a subdomain, other than using an A record instead of CNAME, but obviously that probably wouldn't work well. Is something like this possible?
8 Replies
There's a lot of users that are IPv6 only these days
You should really support both
Why are you only supporting v4?
It's for old server stuff. Our main server software is ipv4 only. The page I'm trying to make stores "diagnostic" info for users who need support
If the network supported V6 at all, then yes it wouldn't matter. Unfortunately I don't have that luxury 😞
Don't really have a good solution here. Cloudflare will always allow IPv6, there's the pseudo IPv4 setting but that obviously is pseudo
The API way to disable IPv6 still works, but yea it's for your entire zone and not just a subdomain, so unless you're fine with disabling it on your entire zone & using a custom domain for your pages project, seemingly out of luck
ah ok, but I can do it with another zone. That helps! thanks
"pseudo" is a bit misleading tbh. It is real, just depends on if the user connects with both ipv4 and v6 (which they won't always)
I had opened a ticket last year trying to figure out what was going on with the headers, and it was like
From what I understand, Pseudo is a different setting which "converts" IPv6 addresses to IPv4 Class E address space. Cloudflare still would respond with AAAA records.
I was talking about "IPv6 Compatibility" setting which is only possible to turn off via the API but makes Cloudflare stop responding with AAAA records entirely, so ipv4 only.
Unless you're saying psuedo has some weird quirk where it tries to store user ipv4s some how, don't really get how it would do that though, and it doesn't mention it in the blog post or docs
Oh, is the thing you're talking about how the add header option for it adds
Cf-Pseudo-IPv4 but still keeps the IPv6 in the normal cf-connecting-ip header? If so those psuedo ipv4s aren't real and are just a result of hashing the IPv6 into the unused class e ipv4 address spaceActually, that's not what's going on! The
Pseudo-IPv4 header would occasionally contain an ipv6 address.
When I reached out, one of the engineers said that it was because of the "happy eyeballs" system. Because some clients won't initially connect with ipv4 at all, there won't be an ipv4 address
I'm not sure why or how that plays out over chrome, but I'd believe it.
Maybe some ISP nonsense
I'm not a network engineer, but I find all this stuff really interesting
Got it working by using another zone, thanks for the help!